<?php

session_start();

$u = $_POST['usr'];
$p = $_POST['pwd'];

require_once('lib/dbclass.php');

$db = new MySQL();  

if (! $db->Query("select id_user,fullname,lastlog from user 
	where username='$u' and pwd=md5('$p')")) $db->Kill(); 
		

if($u=='' || $p==''){
	echo '<script>';
	echo "alert('Error: User atau Password tidak boleh kosong');";
	echo "window.location='login.php'";
	echo '</script>';
}else{
	
	if($db->RowCount()>0){
	
		$rs = $db->RowArray();
		
		$_SESSION['session_usr']= $rs['fullname'];
		$_SESSION['session_id'] = $rs['id_user'];
		
		echo '<script>';
		echo "alert('Success: Anda berhasil login sebagai admin');";
		echo "window.location='admin/index.php'";
		echo '</script>';

	}else{
	
		echo '<script>';
		echo "alert('Error: User dan Password tidak sesuai');";
		echo "window.location='login.php'";
		echo '</script>';		
	}

}

?>


